Insights, news or developments related to the Information Regulator in South Africa, including updates on webinars or events held by them.
The Information Regulator issued an enforcement notice against the Department of Basic Education (DBE) on the issue of consent under POPIA on 6 November 2024. The DBE has a long-standing practice of publishing matric results in newspapers, but this practice […]
The information officer of every public body in South Africa must submit a PAIA section 32 report to the Information Regulator annually. Section 32 of PAIA makes it compulsory - a regulatory requirement. PAIA gives effect to section 32 [...]
All private bodies must submit a PAIA section 83(4) report (PAIA report) to the information regulator according to a notice the regulator published. The regulator has requested private bodies to submit this report annually in terms of section 83(4) [...]
Today, the South African information regulator held a webinar called "Ask the Regulator". The purpose of the webinar was to allow participants to ask the regulator questions and for the regulator to encourage and support them in complying with POPIA […]
The POPIA Amendment Regulations commenced with immediate effect on 17 April 2025. These amended regulations cover new proposed rules of procedure, administrative fines, and expand the data subject's rights to their personal information. In this post, we summarise the regulations, [...]
The information regulator published a Guideline on notification of security compromises to the information regulator in July 2020. The guideline explains the procedure responsible parties or information officers should follow to notify the regulator of a security compromise or data [...]
The information regulator has presented its draft annual performance plan (regulator APP) for 1 April 2025 to 31 March 2026. It has presented them in different formats to different audiences. For example, the regulator held a stakeholder engagement on 5 [...]
The Information Regulator was created by the Protection of Personal Information Act (POPI Act). POPI gives the Information Regulator teeth - it has extensive powers to investigate and fine responsible parties. Data subjects can complain to the Information Regulator [...]
The Information Regulator issued a POPIA enforcement notice against Lancet Laboratories in September 2024 for failing to comply with the breach notifications required by POPIA. The Information Regulator conducted a POPIA compliance assessment following the numerous security compromises experienced by [...]
The information regulator briefed the public and the media on 11 September 2024 on some enforcement activities over the last quarter (since 1 April 2024). The central theme was that the regulator has taken various enforcement actions but hasn't succeeded [...]
The Information Regulator issued an enforcement notice to the State Security Agency (SSA) regarding a PAIA record request. The SSA had refused to provide the information to the requester. This refusal prompted the Regulator to investigate and issue the SSA [...]
The information regulator issued a new guidance note on the processing of personal information of a voter by political parties and independent candidates as well as highlighting how to combat misinformation and disinformation in terms of the provisions of the [...]
